Senior Analyst - Security and Compliance

Description

• Understand our business and the problems we are trying to solve, deeply, when it comes to our core security services
• Support the sales and pre-sales teams in responding to customer risk and security questionnaires and queries
• Build customer trust through managing and hosting in-person customer/prospect security meetings
• Be the Salesforce field expert for the Salesforce trust story covering security, architecture, reliability, performance, privacy and compliance.
• Interface with Product Management and Security teams to ensure all the latest security features and capabilities are properly represented in customer responses
• Collaborate with the Salesforce Legal, Privacy and other teams on customer-specific contract requirements
• Interface to Salesforce security engineering and product management teams
• Ensure teams are aware of gaps in our security/compliance capabilities that are impacting customers and prospects
• Ensure field sales, services and partner teams are consistently enabled with the latest and best positioning around Salesforce security and compliance
• Gather customer security/compliance requests, and liaison with Salesforce product managers to maintain a security product roadmap
• Provide input and assist in developing compliance-related documentation: white papers, standard questionnaires, security best practices, etc.
• Develop SME capabilities for selected Salesforce Services and work with the product teams and global SMEs within the team to stay updated on the latest developments.
• Support drafting white papers and security collateral
  

Desired Qualifications

• Bachelor's degree with 6+ years of experience in information security, governance, and compliance
• Experience with cloud platforms like AWS, GCP, Azure.
• Understanding the architectural and security nuances.
• Excellent cross-functional collaboration and communication skills across product, security, Marketing, Field Sales, and more.
• Excellent communication and presentation skills
  

Desired Skills And Experience

• Familiarity with one or more security and regulatory frameworks: NIST 800-53, NIST Cybersecurity Framework, PCI-DSS, ISO 27001, ISO 27017, ISO 27018, CSA, Monetary Authority of Singapore (MAS) Outsourcing Guidelines and TRM, Personal Data Protection laws in Singapore, Malaysia, Thailand, Indonesia, Vietnam etc, BNM Outsourcing guidelines and Risk Management in IT (RMiT) etc.
• Managed one or more compliance certifications/audits, either as an auditor or responder ( PCI-DSS, ISO27001, SOC-1/2, IRAP/ISMS, MTCS, etc.)
• Experience with completing customer security/compliance questionnaires
• Familiarity with Data Protection Laws in Australia
• Experience interpreting the intent of specific customer questions, and mapping them to industry standard controls
• Familiarity with public cloud architectures, security practices and compliance documentation
• Experience working in the Financial Services, Insurance, Banking, Superannuation, Telecommunication services industry
• Strong team player
  

About Salesforce